Hello,
Unfortunately, I managed to catch this virus on my work PC, and it blocked my system with the message "the Czech Police is blocking my computer". The problem most likely arose because my system was not fully patched; it had been without updates for almost half a year, because it was not on the network and ran without an internet connection. After connecting, I tried to update everything, and it seemed everything was running as it should, but yesterday, after opening the Opera browser and while a page was loading, the above-mentioned block appeared. Task Manager could not be started, or maybe it could, but the block was in a kind of overlay mode (always on top) and took focus, so I could do nothing but restart.
I was able to start Safe Mode; I found several files in the directory "C:\documents and settings\muj ucet\", which I managed to delete. There was a *.bat file that in turn launched a file with a nonsensical name and the *.reg extension, and also a library with the same name. I ran a scan with an antivirus and with SpyHunter, and nothing else was found. Then I rebooted back into normal mode; this time the block no longer appears, but the system seems not to respond at all. For example, Task Manager cannot be started: after the system boots I try to launch it and nothing happens. I made logs with RSIT and ComboFix. I would be extremely grateful if someone could look at them and help me; I am pressed for time with work and I cannot work like this... Thank you in advance for your help and a quick response on this topic.
RSIT log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by karlos at 2013-04-20 12:22:46
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 22 GB (11%) free of 200 GB
Total RAM: 8169 MB (82% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
/QuitInfo:0000000000000108;0000000000000160; /AddRef;
/QuitInfo:00000000000002C8;00000000000002CC; /AddRef;
/QuitInfo:0000000000000284;00000000000002D4;
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Microsoft Security Client\msseces.exe"
notepad.exe "C:\Users\karlos\AppData\Local\Temp\log.txt"
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt
"E:\progs\RSITx64.exe"
"C:\Windows\system32\rundll32.exe" "C:\Windows\system32\WININET.dll",DispatchAPICall 1
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1465061781-2703766832-3891519350-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1465061781-2703766832-3891519350-1003UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-16 537576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-16 193512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000001-AB3B-4334-9DA2-EC6B2A02AFC6}]
FileServeManager - C:\Program Files (x86)\FileServe Manager\FileServeBHO.dll [2011-09-21 1257752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-16 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-10-27 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-16 157672]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-19 11613288]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-10-27 613536]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-10-27 379040]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-03-26 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-03-26 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-03-26 418840]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2010-12-17 391144]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]
"Zune Launcher"=C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]
"Windows Phone Device Manager"=C:\Windows\WPDeviceManager\WPDeviceManager.exe /Minimized []
"WD Quick View"=C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe [2011-12-15 4244888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileServe Manager Task]
C:\Program Files (x86)\FileServe Manager\FSStarter.exe [2011-09-21 954648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-06-07 421776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2012-08-08 1353080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-12-17 5566176]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-03-22 284184]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-04-18 421888]
"vmware-tray.exe"=C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [2012-08-15 104088]
"WD Drive Unlocker"=C:\Program Files (x86)\Western Digital\WD Apps\WDDriveAutoUnlock.exe [2011-12-16 1687968]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-12-10 2254768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-03-26 385024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=3
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2013-04-20 12:04:52 ----D---- C:\Windows\temp
2013-04-20 12:04:50 ----A---- C:\ComboFix.txt
2013-04-19 20:59:04 ----A---- C:\Windows\zip.exe
2013-04-19 20:59:04 ----A---- C:\Windows\SWSC.exe
2013-04-19 20:59:04 ----A---- C:\Windows\SWREG.exe
2013-04-19 20:59:04 ----A---- C:\Windows\sed.exe
2013-04-19 20:59:04 ----A---- C:\Windows\PEV.exe
2013-04-19 20:59:04 ----A---- C:\Windows\NIRCMD.exe
2013-04-19 20:59:04 ----A---- C:\Windows\MBR.exe
2013-04-19 20:59:04 ----A---- C:\Windows\grep.exe
2013-04-19 20:51:43 ----AD---- C:\Qoobox
2013-04-19 20:51:08 ----D---- C:\Windows\erdnt
2013-04-19 19:14:40 ----A---- C:\autoexec.bat
2013-04-19 19:14:25 ----D---- C:\sh4ldr
2013-04-19 19:14:24 ----D---- C:\Program Files (x86)\Enigma Software Group
2013-04-19 19:13:05 ----D---- C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP
2013-04-19 19:00:50 ----A---- C:\TDSSKiller.2.8.16.0_19.04.2013_19.00.50_log.txt
2013-04-19 18:05:32 ----A---- C:\Windows\ntbtlog.txt
2013-04-19 17:53:34 ----D---- C:\Program Files\trend micro
2013-04-19 17:53:33 ----D---- C:\rsit
2013-04-19 17:40:37 ----A---- C:\Windows\system32\drivers\mvrvdclr.sys
2013-04-13 22:49:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-04-13 22:49:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-04-13 22:49:20 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-13 22:49:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-13 22:49:19 ----A---- C:\Windows\SYSWOW64\url.dll
2013-04-13 22:49:19 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-04-13 22:49:19 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-13 22:49:19 ----A---- C:\Windows\system32\urlmon.dll
2013-04-13 22:49:19 ----A---- C:\Windows\system32\url.dll
2013-04-13 22:49:19 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-13 22:49:19 ----A---- C:\Windows\system32\ieui.dll
2013-04-13 22:49:18 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-13 22:49:18 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-13 22:49:18 ----A---- C:\Windows\system32\wininet.dll
2013-04-13 22:49:18 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-13 22:49:18 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-13 22:49:18 ----A---- C:\Windows\system32\jscript9.dll
2013-04-13 22:49:17 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-13 22:49:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-13 22:49:17 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-13 22:49:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-13 22:49:17 ----A---- C:\Windows\system32\vbscript.dll
2013-04-13 22:49:17 ----A---- C:\Windows\system32\jscript.dll
2013-04-13 22:49:17 ----A---- C:\Windows\system32\iertutil.dll
2013-04-13 22:49:16 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-13 22:49:15 ----A---- C:\Windows\system32\mshtml.dll
2013-04-13 22:49:14 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-13 22:49:14 ----A---- C:\Windows\system32\ieframe.dll
2013-04-13 22:44:34 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-04-13 22:44:34 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-04-13 22:44:34 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-04-13 22:44:34 ----A---- C:\Windows\system32\tsgqec.dll
2013-04-13 22:44:34 ----A---- C:\Windows\system32\mstscax.dll
2013-04-13 22:44:34 ----A---- C:\Windows\system32\aaclient.dll
2013-04-13 22:44:30 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-04-13 22:44:28 ----A---- C:\Windows\system32\win32k.sys
2013-04-13 22:44:26 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-04-13 22:44:03 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-04-13 22:44:03 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-13 22:44:02 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-04-13 22:44:02 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-04-13 22:44:02 ----A---- C:\Windows\system32\smss.exe
2013-04-13 22:44:02 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-03 12:54:20 ----D---- C:\Users\karlos\AppData\Roaming\Mozilla
2013-04-03 06:42:22 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-04-02 20:15:35 ----A---- C:\Windows\system32\Wdfres.dll
2013-04-02 20:15:35 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-04-02 20:15:35 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-04-02 20:10:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-04-02 20:10:01 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-04-02 20:10:01 ----A---- C:\Windows\system32\atmlib.dll
2013-04-02 20:10:01 ----A---- C:\Windows\system32\atmfd.dll
2013-04-02 20:09:30 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-04-02 20:09:30 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-04-02 20:09:29 ----A---- C:\Windows\system32\WUDFx.dll
2013-04-02 20:09:29 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-04-02 20:09:29 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-04-02 20:09:29 ----A---- C:\Windows\system32\WUDFHost.exe
2013-04-02 20:09:29 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-04-02 20:04:46 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-04-02 20:04:46 ----A---- C:\Windows\system32\tzres.dll
2013-04-02 20:04:38 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-04-02 20:04:38 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-04-02 20:04:38 ----A---- C:\Windows\system32\Wpc.dll
2013-04-02 20:04:38 ----A---- C:\Windows\system32\gameux.dll
2013-04-02 20:04:23 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-04-02 20:04:23 ----A---- C:\Windows\system32\wintrust.dll
2013-04-02 20:04:19 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-04-02 20:04:19 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-04-02 20:04:19 ----A---- C:\Windows\system32\KernelBase.dll
2013-04-02 20:04:19 ----A---- C:\Windows\system32\kernel32.dll
2013-04-02 20:04:19 ----A---- C:\Windows\system32\conhost.exe
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-04-02 20:04:18 ----A---- C:\Windows\system32\wow64win.dll
2013-04-02 20:04:18 ----A---- C:\Windows\system32\wow64cpu.dll
2013-04-02 20:04:18 ----A---- C:\Windows\system32\wow64.dll
2013-04-02 20:04:18 ----A---- C:\Windows\system32\ntvdm64.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-04-02 20:04:01 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-04-02 20:04:01 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-04-02 20:04:01 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-04-02 20:04:01 ----A---- C:\Windows\system32\winsrv.dll
2013-04-02 20:04:00 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-04-02 20:03:59 ----A---- C:\Windows\SYSWOW64\user.exe
2013-04-02 20:03:55 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-04-02 20:03:55 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-04-02 20:03:55 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-04-02 20:03:55 ----A---- C:\Windows\system32\nlasvc.dll
2013-04-02 20:03:55 ----A---- C:\Windows\system32\netcorehc.dll
2013-04-02 20:03:55 ----A---- C:\Windows\system32\ncsi.dll
2013-04-02 20:03:55 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-04-02 20:03:54 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-04-02 20:03:54 ----A---- C:\Windows\system32\nlaapi.dll
2013-04-02 20:03:54 ----A---- C:\Windows\system32\netevent.dll
2013-04-02 20:03:54 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-04-02 20:03:50 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-04-02 20:03:50 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-04-02 20:03:49 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-04-02 20:03:49 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-04-02 20:03:49 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-04-02 20:03:49 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-04-02 20:03:45 ----A---- C:\Windows\system32\msxml6.dll
2013-04-02 20:03:45 ----A---- C:\Windows\system32\msxml3.dll
2013-04-02 20:03:44 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-04-02 20:03:44 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-04-02 20:03:41 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-04-02 20:03:41 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-04-02 20:03:41 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-04-02 20:03:41 ----A---- C:\Windows\system32\cryptsvc.dll
2013-04-02 20:03:41 ----A---- C:\Windows\system32\cryptnet.dll
2013-04-02 20:03:41 ----A---- C:\Windows\system32\crypt32.dll
2013-04-02 20:03:36 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-04-02 20:03:36 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-04-02 20:03:36 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-04-02 20:03:36 ----A---- C:\Windows\system32\win32spl.dll
2013-04-02 20:03:36 ----A---- C:\Windows\system32\usp10.dll
2013-04-02 20:03:36 ----A---- C:\Windows\system32\ncrypt.dll
2013-04-02 20:03:36 ----A---- C:\Windows\system32\dpnet.dll
2013-04-02 20:03:35 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-04-02 20:03:34 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-04-02 20:03:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-04-02 20:03:34 ----A---- C:\Windows\system32\taskhost.exe
2013-04-02 20:03:34 ----A---- C:\Windows\system32\synceng.dll
2013-04-02 20:03:34 ----A---- C:\Windows\system32\kerberos.dll
2013-04-02 20:03:34 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-03-27 18:55:14 ----D---- C:\ProgramData\DFX
======List of files/folders modified in the last 1 months======
2013-04-20 12:04:52 ----D---- C:\Windows\system32\drivers
2013-04-20 12:04:52 ----AD---- C:\Windows
2013-04-20 12:02:32 ----A---- C:\Windows\system.ini
2013-04-20 11:58:36 ----D---- C:\Windows\SYSWOW64\drivers
2013-04-20 11:58:36 ----D---- C:\Windows\SysWOW64
2013-04-20 11:58:36 ----D---- C:\Windows\AppPatch
2013-04-20 11:58:36 ----D---- C:\Program Files (x86)\Common Files
2013-04-20 11:40:30 ----D---- C:\Windows\System32
2013-04-20 11:40:30 ----D---- C:\Windows\inf
2013-04-20 11:40:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-20 11:18:05 ----D---- C:\Windows\Prefetch
2013-04-20 11:16:41 ----D---- C:\ProgramData\VMware
2013-04-20 11:15:40 ----D---- C:\Users\karlos\AppData\Roaming\WTablet
2013-04-20 11:15:08 ----D---- C:\ProgramData\NVIDIA
2013-04-19 23:17:43 ----D---- C:\Windows\system32\config
2013-04-19 21:27:01 ----D---- C:\Windows\system32\drivers\etc
2013-04-19 19:38:10 ----SHD---- C:\System Volume Information
2013-04-19 19:15:51 ----D---- C:\Windows\SoftwareDistribution
2013-04-19 19:14:31 ----SHD---- C:\Windows\Installer
2013-04-19 19:14:29 ----D---- C:\Windows\system32\Tasks
2013-04-19 19:14:24 ----RD---- C:\Program Files (x86)
2013-04-19 18:45:25 ----D---- C:\ProgramData
2013-04-19 18:04:36 ----D---- C:\Users\karlos\AppData\Roaming\Media Player Classic
2013-04-19 18:04:36 ----D---- C:\Users\karlos\AppData\Roaming\DAEMON Tools Lite
2013-04-19 18:04:31 ----D---- C:\Windows\debug
2013-04-19 17:53:34 ----RD---- C:\Program Files
2013-04-18 22:23:43 ----D---- C:\Users\karlos\AppData\Roaming\TS3Client
2013-04-18 16:51:15 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-04-16 20:49:51 ----D---- C:\Users\karlos\AppData\Roaming\vlc
2013-04-15 16:22:04 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client
2013-04-13 23:01:40 ----D---- C:\Windows\system32\catroot2
2013-04-13 23:01:22 ----D---- C:\Windows\winsxs
2013-04-13 22:59:20 ----D---- C:\Windows\SYSWOW64\migration
2013-04-13 22:59:20 ----D---- C:\Windows\system32\migration
2013-04-13 22:59:20 ----D---- C:\Program Files\Internet Explorer
2013-04-13 22:59:20 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-13 22:59:18 ----D---- C:\Windows\system32\DriverStore
2013-04-13 22:52:20 ----A---- C:\Windows\system32\MRT.exe
2013-04-13 22:51:38 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-04-13 22:51:30 ----D---- C:\temp
2013-04-13 22:50:11 ----D---- C:\Program Files\NVIDIA Corporation
2013-04-13 22:50:08 ----D---- C:\Windows\system32\catroot
2013-04-12 22:37:54 ----D---- C:\Program Files (x86)\Hard Disk Sentinel
2013-04-05 17:29:46 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-04-04 06:47:08 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2013-04-03 10:55:44 ----RSD---- C:\Windows\assembly
2013-04-03 10:55:44 ----D---- C:\Windows\Microsoft.NET
2013-04-03 10:54:23 ----D---- C:\Windows\rescache
2013-04-03 06:45:36 ----D---- C:\ProgramData\Origin
2013-04-03 06:45:12 ----D---- C:\Users\karlos\AppData\Roaming\Origin
2013-04-03 06:45:00 ----D---- C:\Program Files (x86)\Origin
2013-04-03 06:40:55 ----D---- C:\Program Files\Microsoft Silverlight
2013-04-03 06:40:54 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-04-02 21:07:53 ----D---- C:\Windows\SYSWOW64\en-US
2013-04-02 21:07:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-04-02 21:07:52 ----D---- C:\Windows\system32\wbem
2013-04-02 21:07:52 ----D---- C:\Windows\system32\en-US
2013-04-02 21:07:52 ----D---- C:\Windows\system32\drivers\en-US
2013-04-02 21:07:52 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-04-02 21:07:52 ----D---- C:\Windows\system32\cs-CZ
2013-04-02 21:07:52 ----D---- C:\Windows\PolicyDefinitions
2013-04-02 21:07:50 ----RSD---- C:\Windows\Fonts
2013-04-02 20:19:51 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-04-02 20:11:25 ----D---- C:\Program Files\Microsoft Security Client
2013-04-02 20:11:25 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-04-02 12:34:28 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-03-22 557080]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2011-07-26 277088]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2010-12-18 25280]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2011-07-26 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2011-07-26 970336]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2012-07-06 85104]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2012-07-06 70256]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2010-12-08 122856]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2010-12-08 369640]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-09-21 313520]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2012-08-15 32920]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2012-08-15 20120]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\Windows\system32\DRIVERS\VMNetSrv.sys [2008-02-05 79416]
S0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-06-14 513080]
S1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-24 13440]
S1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464]
S1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2011-07-19 295272]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-08-01 314016]
S2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-08-01 52376]
S2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-08-01 43680]
S2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
S2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2012-08-15 45720]
S2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2012-08-15 30360]
S2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2012-08-15 67224]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared); C:\Windows\SysWOW64\drivers\vstor2-mntapi10-shared.sys [2011-07-12 33392]
S3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2011-07-26 285280]
S3 AthDfu;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-10-27 55336]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-27 279152]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [2011-03-02 13088]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys []
S3 ESLvnic1;ESLvnic Virtual Network 64 Bit; C:\Windows\system32\DRIVERS\ESLvnic.sys [2011-11-28 25528]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-03-26 12262336]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-23 2565736]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 PSMounter;Macrium Reflect Image Explorer Service; \??\C:\Windows\system32\drivers\psmounter.sys [2011-06-07 40600]
S3 PSVolAcc;PSVolAcc; C:\Windows\system32\drivers\PSVolAcc.sys [2011-06-07 13464]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RivaTuner64;RivaTuner64; \??\C:\Program Files (x86)\RivaTuner\RivaTuner64.sys [2011-08-16 19952]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 vmusb;VMware USB Client Driver; C:\Windows\System32\Drivers\vmusb.sys [2012-08-01 37680]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
S2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2010-12-17 1112664]
S2 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-07-26 3246040]
S2 AfterFLICS v3;AfterFLICS v3; C:\Program Files (x86)\AFLICS\AfterFLICS.exe [2011-04-15 135170]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
S2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-03 918144]
S2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2010-12-02 915584]
S2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 DCPFLICS;DCPFLICS; C:\Program Files (x86)\DCPFLICS\DCPFLICS.exe [2007-10-24 139268]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-03-22 13336]
S2 InputDirector;Input Director Service; C:\Program Files (x86)\Input Director\IDWinService.exe [2010-02-01 36864]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2010-08-12 133800]
S2 mi-raysat_3dsmax2011_64;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit; C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe [2010-03-10 86016]
S2 mi-raysat_3dsmax2013_64;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit; C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe [2011-09-15 86016]
S2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2010-12-07 66560]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-12-03 76888]
S2 ReflectService;Macrium Reflect Image Mounting Service; C:\Program Files\Macrium\Reflect\ReflectService.exe [2011-06-07 301720]
S2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2013-01-14 769920]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S2 TabletServiceWacom;TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [2010-03-08 6245744]
S2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2012-08-15 79872]
S2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2012-08-15 357016]
S2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-08-01 917656]
S2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2012-08-15 435864]
S2 VMwareHostd;VMware Workstation Server; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-08-15 15680000]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-04-16 1432400]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 IDVistaService;Input Director Vista Service; C:\Program Files (x86)\Input Director\IDVistaService.exe [2009-02-08 13824]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2012-03-06 3953632]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-08-03 529232]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
-----------------EOF-----------------
ComboFix log:
ComboFix 13-04-18.03 - karlos 20.04.2013 11:51:24.2.8 - x64 NETWORK
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8169.6997 [GMT 2:00]
Spuštěný z: c:\users\karlos\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
ADS - Windows: deleted 0 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\users\kadasek\AppData\Local\datos.txt
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\tmp42AD.tmp
c:\windows\SysWow64\tmp42AE.tmp
c:\windows\SysWow64\tmp4349.tmp
c:\windows\SysWow64\tmp434A.tmp
D:\123.txt
D:\Uninstall.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-20 do 2013-04-20 )))))))))))))))))))))))))))))))
.
.
2013-04-20 10:02 . 2013-04-20 10:02 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-20 10:02 . 2013-04-20 10:02 -------- d-----w- c:\users\misak\AppData\Local\temp
2013-04-20 10:02 . 2013-04-20 10:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-20 10:02 . 2013-04-20 10:02 -------- d-----w- c:\users\Deda\AppData\Local\temp
2013-04-19 18:14 . 2013-04-19 18:14 35664 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A93AC2A9-E5C5-4545-A7EF-0D96896AF01B}\MpKsl4f432538.sys
2013-04-19 17:56 . 2013-04-20 09:39 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A93AC2A9-E5C5-4545-A7EF-0D96896AF01B}\offreg.dll
2013-04-19 17:14 . 2013-04-19 17:14 110080 ----a-r- c:\users\karlos\AppData\Roaming\Microsoft\Installer\{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}\IconCF33A0CE.exe
2013-04-19 17:14 . 2013-04-19 17:14 110080 ----a-r- c:\users\karlos\AppData\Roaming\Microsoft\Installer\{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}\IconF7A21AF7.exe
2013-04-19 17:14 . 2013-04-19 17:14 110080 ----a-r- c:\users\karlos\AppData\Roaming\Microsoft\Installer\{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}\IconD7F16134.exe
2013-04-19 17:14 . 2013-04-19 17:14 -------- d-----w- C:\sh4ldr
2013-04-19 17:14 . 2013-04-19 17:14 -------- d-----w- c:\program files (x86)\Enigma Software Group
2013-04-19 17:13 . 2013-04-19 17:14 -------- d-----w- c:\windows\46B04D534E344388B6EE80FAB66AEF9B.TMP
2013-04-19 15:53 . 2013-04-19 15:53 -------- d-----w- c:\program files\trend micro
2013-04-19 15:53 . 2013-04-19 15:54 -------- d-----w- C:\rsit
2013-04-19 15:40 . 2013-04-19 15:40 49872 ----a-w- c:\windows\system32\drivers\mvrvdclr.sys
2013-04-19 15:35 . 2013-04-19 16:02 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-04-19 13:43 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A93AC2A9-E5C5-4545-A7EF-0D96896AF01B}\mpengine.dll
2013-04-17 13:30 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-04-13 20:44 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-03 15:41 . 2013-04-03 15:41 -------- d-----w- c:\users\karlos\AppData\Local\ESN
2013-04-03 04:42 . 2013-04-03 04:42 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2013-04-02 18:15 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2013-04-02 18:15 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-04-02 18:15 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-04-02 18:15 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-04-02 18:15 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-04-02 18:10 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-04-02 18:10 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-04-02 18:10 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-04-02 18:10 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-04-02 18:09 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-04-02 18:09 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-04-02 18:09 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-04-02 18:09 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-04-02 18:09 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-04-02 18:09 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-04-02 18:09 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-04-02 18:03 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-03-27 16:55 . 2013-03-27 16:55 -------- d-----w- c:\programdata\DFX
2013-03-22 21:54 . 2013-01-08 11:13 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CF07CED4-AF5D-41EC-9041-258FB38BB461}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-18 14:51 . 2011-07-09 23:15 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-04-18 14:51 . 2011-07-09 22:57 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-04-18 14:50 . 2011-07-09 22:57 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-04-13 20:52 . 2011-06-14 08:15 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-04-02 10:34 . 2010-11-21 03:27 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-03-13 12:05 . 2012-04-04 10:41 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-13 12:05 . 2011-06-14 09:34 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-25 22:32 . 2013-02-25 22:32 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2013-02-25 22:32 . 2013-02-25 22:32 2505144 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-02-25 22:32 . 2012-04-23 11:50 15129960 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-02-25 22:32 . 2013-02-25 22:32 6262608 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-02-25 22:32 . 2011-07-15 20:47 2826040 ----a-w- c:\windows\system32\nvapi64.dll
2013-02-25 22:32 . 2013-02-25 22:32 18055184 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-02-25 22:32 . 2012-02-26 15:20 1107440 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-02-25 22:32 . 2011-09-27 14:52 1814304 ----a-w- c:\windows\system32\nvdispco64.dll
2013-02-25 22:32 . 2013-02-25 22:32 958120 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-02-25 22:32 . 2013-02-25 22:32 2720544 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-02-25 22:32 . 2013-02-25 22:32 26929440 ----a-w- c:\windows\system32\nvoglv64.dll
2013-02-25 22:32 . 2013-02-25 22:32 7932256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-02-25 22:32 . 2013-02-25 22:32 2346784 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-02-25 22:32 . 2013-02-25 22:32 245872 ----a-w- c:\windows\system32\nvinitx.dll
2013-02-25 22:32 . 2013-02-25 22:32 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
2013-02-25 22:32 . 2013-02-25 22:32 11036448 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-02-25 22:32 . 2013-02-25 22:32 2904352 ----a-w- c:\windows\system32\nvcuvid.dll
2013-02-25 22:32 . 2013-02-25 22:32 20449056 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-02-25 22:32 . 2011-07-15 20:47 15053264 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-02-25 22:32 . 2013-02-25 22:32 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-02-25 22:32 . 2013-02-25 22:32 7564040 ----a-w- c:\windows\system32\nvopencl.dll
2013-02-25 22:32 . 2013-02-25 22:32 1985824 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-02-25 22:32 . 2013-02-25 22:32 12641992 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-02-25 22:32 . 2013-02-25 22:32 9390760 ----a-w- c:\windows\system32\nvcuda.dll
2013-02-25 22:32 . 2013-02-25 22:32 201576 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-02-12 05:45 . 2013-04-02 18:03 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-04-02 18:03 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-04-02 18:03 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-04-02 18:03 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-04-02 18:03 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-04-02 18:03 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-20 13:59 . 2013-01-20 13:59 230320 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-01-20 13:59 . 2010-10-24 19:25 130008 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-07-12 08:28 . 2012-07-12 08:28 2174976 ----a-w- c:\program files (x86)\Common Files\atimpenc.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{00000001-AB3B-4334-9DA2-EC6B2A02AFC6}]
2011-09-21 17:04 1257752 ----a-w- c:\program files (x86)\FileServe Manager\FileServeBHO.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-03-22 284184]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"vmware-tray.exe"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2012-08-15 104088]
"WD Drive Unlocker"="c:\program files (x86)\Western Digital\WD Apps\WDDriveAutoUnlock.exe" [2011-12-16 1687968]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-10 2254768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
R2 afcdpsrv;Služba Acronis Nonstop Backup;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-07-25 3246040]
R2 AfterFLICS v3;AfterFLICS v3;c:\program files (x86)\AFLICS\AfterFLICS.exe [2011-04-14 135170]
R2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-03 918144]
R2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2010-12-02 915584]
R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-03-22 13336]
R2 InputDirector;Input Director Service;c:\program files (x86)\Input Director\IDWinService.exe [2010-02-01 36864]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2010-08-12 133800]
R2 mi-raysat_3dsmax2011_64;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit;c:\program files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe [2010-03-09 86016]
R2 mi-raysat_3dsmax2013_64;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit;c:\program files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe [2011-09-14 86016]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe [2010-12-07 66560]
R2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2011-06-07 301720]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2010-03-08 6245744]
R2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-08-01 917656]
R2 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-08-15 15680000]
R2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi10-shared.sys [x]
R2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WDDMService.exe [2011-12-15 319384]
R2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2011-12-16 246688]
R2 WDFMEService;WDFME;c:\program files\Western Digital\WD SmartWare\WDFME.exe [2011-12-15 1977224]
R2 WDRulesService;WDRules;c:\program files\Western Digital\WD SmartWare\WDRulesEngine.exe [2011-12-15 1338264]
R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2011-07-25 285280]
R3 AthDfu;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2010-10-27 55336]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-10-27 279152]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 esgiguard;esgiguard;c:\program files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [2011-03-02 13088]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys [x]
R3 ESLvnic1;ESLvnic Virtual Network 64 Bit;c:\windows\system32\DRIVERS\ESLvnic.sys [2011-11-28 25528]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-04-16 1432400]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
R3 IDVistaService;Input Director Vista Service;c:\program files (x86)\Input Director\IDVistaService.exe [2009-02-08 13824]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 PSMounter;Macrium Reflect Image Explorer Service;c:\windows\system32\drivers\psmounter.sys [2011-06-07 40600]
R3 PSVolAcc;PSVolAcc; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner\RivaTuner64.sys [2011-08-16 19952]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-06-14 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2011-12-16 14464]
R4 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2011-07-25 1263200]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [2012-07-06 85104]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys [2012-07-06 70256]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2010-12-08 122856]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2010-12-08 369640]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2010-01-24 18216]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 12:05]
.
2013-04-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1465061781-2703766832-3891519350-1003Core.job
- c:\users\karlos\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-04 11:27]
.
2013-04-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1465061781-2703766832-3891519350-1003UA.job
- c:\users\karlos\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-04 11:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-10-27 613536]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-10-27 379040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-25 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-25 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-25 418840]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
"Služba Acronis Scheduler2"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-12-17 391144]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
"WD Quick View"="c:\program files\Western Digital\WD SmartWare\WDDMStatus.exe" [2011-12-15 4244888]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download with FileServe Manager - c:\program files (x86)\FileServe Manager\GetUrl.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: Interfaces\{1648EC05-D0FC-4299-BDC1-E0D00A14C3D4}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
TCP: Interfaces\{BFB5E77A-0FEA-4BF4-9C03-C793BC8CD7B7}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
HKLM-Run-Windows Phone Device Manager - c:\windows\WPDeviceManager\WPDeviceManager.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-UnityWebPlayer - c:\users\karlos\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"Licence"="REMOVED"
"Licence0"="04F0D21-79D8-7A25-D702-433F"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-04-20 12:04:50
ComboFix-quarantined-files.txt 2013-04-20 10:04
.
Před spuštěním: Volných bajtů: 23 517 265 920
Po spuštění: Volných bajtů: 23 353 237 504
.
- - End Of File - - 1D61DD9D90AB757B25F82F925029CBD7

Re: Police of the Czech Republic. Your computer is blocked!
Hello,
The forum rules are clear, and what is more, you have broken them several times.
The CF license terms are also clear: "It should never be used in an environment without the supervision of an experienced person."

The dangers of CF


3. In particular, do not run the ComboFix utility, even if a friend or some would-be expert website advised you to. Our forum is the only one of the CZ-SK antivirus forums with the right to decipher ComboFix logs, and we also have the full support of the utility's author and access to the most current information and guides.
6. The viry.cz forum does not deal with disinfecting company PCs. Companies have paid (and sometimes very generously paid) IT technicians for that, or the company can hire them. We are here for free and in our spare time, and we do not intend to do the work for someone else who then just takes the credit and the salary. Likewise, we do not provide consulting on securing or configuring company networks. Simply put, our forum provides support to home users.



- It is intended primarily for helpers; by using it on your own you lose your entitlement to support
- It erases traces of the malware, so nothing can be seen in the RSIT log
- Its log still has to be deciphered further, since it cannot delete everything; you will hardly manage that unless you are trained for it
- CF can have a bug = it takes down your system; if you do not know where it stores what and how to restore it, your system is dead and you are facing a reinstall
- Unfortunately, CF also does not yet check some important libraries (e.g. hal.dll); some types of malware (e.g. angela) delete those; it deletes your hal.dll after a restart = your system will not boot and you are back at the previous point = reinstall
Re: Police of the Czech Republic. Your computer is blocked!
Thank you. I must have overlooked something, and I apologize for that. By the way, it is not a company PC; it is my own machine, which I have at home and use primarily for my own work. It has nothing to do with a company etc.! I read through the forum, and every time you also required a ComboFix log. I wanted to save time; I certainly did not mean to break the rules. Also, the RSIT log was taken before ComboFix was used. In any case, thanks for the help.
Logfile of random's system information tool 1.08 (written by random/random)
Run by karlos at 2013-04-19 17:53:33
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 18 GB (9%) free of 200 GB
Total RAM: 8169 MB (88% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
/QuitInfo:0000000000000100;0000000000000168; /AddRef;
/QuitInfo:000000000000029C;00000000000002A0; /AddRef;
/QuitInfo:0000000000000278;00000000000002A8;
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\helppane.exe -Embedding
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
"C:\Windows\system32\cmd.exe"
\??\C:\Windows\system32\conhost.exe "18430835362043042995123102021027891912010292926-1917140978412934867570440631
msconfig
C:\Windows\system32\wbem\wmiprvse.exe
"E:\progs\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1465061781-2703766832-3891519350-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1465061781-2703766832-3891519350-1003UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-16 537576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-16 193512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000001-AB3B-4334-9DA2-EC6B2A02AFC6}]
FileServeManager - C:\Program Files (x86)\FileServe Manager\FileServeBHO.dll [2011-09-21 1257752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-16 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-10-27 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-16 157672]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-19 11613288]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-10-27 613536]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-10-27 379040]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-03-26 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-03-26 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-03-26 418840]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2010-12-17 391144]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]
"Zune Launcher"=C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]
"Windows Phone Device Manager"=C:\Windows\WPDeviceManager\WPDeviceManager.exe /Minimized []
"WD Quick View"=C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe [2011-12-15 4244888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Google Update"=C:\Users\karlos\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-04 136176]
"AdobeBridge"= []
"ctfmon.exe"=C:\PROGRA~3\rundll32.exe [2013-04-19 44544]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileServe Manager Task]
C:\Program Files (x86)\FileServe Manager\FSStarter.exe [2011-09-21 954648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-06-07 421776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2012-08-08 1353080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-12-17 5566176]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-03-22 284184]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-04-18 421888]
"vmware-tray.exe"=C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [2012-08-15 104088]
"WD Drive Unlocker"=C:\Program Files (x86)\Western Digital\WD Apps\WDDriveAutoUnlock.exe [2011-12-16 1687968]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-12-10 2254768]
C:\Users\karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
msconfig.lnk - C:\Windows\System32\rundll32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-03-26 385024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=3
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-04-19 17:53:34 ----D---- C:\Program Files\trend micro
2013-04-19 17:53:33 ----D---- C:\rsit
2013-04-19 17:46:28 ----A---- C:\Windows\system32\drivers\ckemiqak.sys
2013-04-19 17:40:37 ----A---- C:\Windows\system32\drivers\mvrvdclr.sys
2013-04-19 15:50:03 ----A---- C:\Windows\ntbtlog.txt
2013-04-19 15:38:38 ----A---- C:\ProgramData\lbtw.bat
2013-04-19 15:38:38 ----A---- C:\ProgramData\as98213.txt
2013-04-19 15:38:37 ----A---- C:\ProgramData\rundll32.exe
2013-04-13 22:49:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-04-13 22:49:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-04-13 22:49:20 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-13 22:49:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-13 22:49:19 ----A---- C:\Windows\SYSWOW64\url.dll
2013-04-13 22:49:19 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-04-13 22:49:19 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-13 22:49:19 ----A---- C:\Windows\system32\urlmon.dll
2013-04-13 22:49:19 ----A---- C:\Windows\system32\url.dll
2013-04-13 22:49:19 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-13 22:49:19 ----A---- C:\Windows\system32\ieui.dll
2013-04-13 22:49:18 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-13 22:49:18 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-13 22:49:18 ----A---- C:\Windows\system32\wininet.dll
2013-04-13 22:49:18 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-13 22:49:18 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-13 22:49:18 ----A---- C:\Windows\system32\jscript9.dll
2013-04-13 22:49:17 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-13 22:49:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-13 22:49:17 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-13 22:49:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-13 22:49:17 ----A---- C:\Windows\system32\vbscript.dll
2013-04-13 22:49:17 ----A---- C:\Windows\system32\jscript.dll
2013-04-13 22:49:17 ----A---- C:\Windows\system32\iertutil.dll
2013-04-13 22:49:16 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-13 22:49:15 ----A---- C:\Windows\system32\mshtml.dll
2013-04-13 22:49:14 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-13 22:49:14 ----A---- C:\Windows\system32\ieframe.dll
2013-04-13 22:44:34 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-04-13 22:44:34 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-04-13 22:44:34 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-04-13 22:44:34 ----A---- C:\Windows\system32\tsgqec.dll
2013-04-13 22:44:34 ----A---- C:\Windows\system32\mstscax.dll
2013-04-13 22:44:34 ----A---- C:\Windows\system32\aaclient.dll
2013-04-13 22:44:30 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-04-13 22:44:28 ----A---- C:\Windows\system32\win32k.sys
2013-04-13 22:44:26 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-04-13 22:44:03 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-04-13 22:44:03 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-13 22:44:02 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-04-13 22:44:02 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-04-13 22:44:02 ----A---- C:\Windows\system32\smss.exe
2013-04-13 22:44:02 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-03 12:54:20 ----D---- C:\Users\karlos\AppData\Roaming\Mozilla
2013-04-03 06:42:22 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-04-02 20:15:35 ----A---- C:\Windows\system32\Wdfres.dll
2013-04-02 20:15:35 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-04-02 20:15:35 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-04-02 20:10:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-04-02 20:10:01 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-04-02 20:10:01 ----A---- C:\Windows\system32\atmlib.dll
2013-04-02 20:10:01 ----A---- C:\Windows\system32\atmfd.dll
2013-04-02 20:09:30 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-04-02 20:09:30 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-04-02 20:09:29 ----A---- C:\Windows\system32\WUDFx.dll
2013-04-02 20:09:29 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-04-02 20:09:29 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-04-02 20:09:29 ----A---- C:\Windows\system32\WUDFHost.exe
2013-04-02 20:09:29 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-04-02 20:04:46 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-04-02 20:04:46 ----A---- C:\Windows\system32\tzres.dll
2013-04-02 20:04:38 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-04-02 20:04:38 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-04-02 20:04:38 ----A---- C:\Windows\system32\Wpc.dll
2013-04-02 20:04:38 ----A---- C:\Windows\system32\gameux.dll
2013-04-02 20:04:23 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-04-02 20:04:23 ----A---- C:\Windows\system32\wintrust.dll
2013-04-02 20:04:19 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-04-02 20:04:19 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-04-02 20:04:19 ----A---- C:\Windows\system32\KernelBase.dll
2013-04-02 20:04:19 ----A---- C:\Windows\system32\kernel32.dll
2013-04-02 20:04:19 ----A---- C:\Windows\system32\conhost.exe
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-04-02 20:04:18 ----A---- C:\Windows\system32\wow64win.dll
2013-04-02 20:04:18 ----A---- C:\Windows\system32\wow64cpu.dll
2013-04-02 20:04:18 ----A---- C:\Windows\system32\wow64.dll
2013-04-02 20:04:18 ----A---- C:\Windows\system32\ntvdm64.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-04-02 20:04:01 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-04-02 20:04:01 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-04-02 20:04:01 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-04-02 20:04:01 ----A---- C:\Windows\system32\winsrv.dll
2013-04-02 20:04:00 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-04-02 20:03:59 ----A---- C:\Windows\SYSWOW64\user.exe
2013-04-02 20:03:55 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-04-02 20:03:55 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-04-02 20:03:55 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-04-02 20:03:55 ----A---- C:\Windows\system32\nlasvc.dll
2013-04-02 20:03:55 ----A---- C:\Windows\system32\netcorehc.dll
2013-04-02 20:03:55 ----A---- C:\Windows\system32\ncsi.dll
2013-04-02 20:03:55 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-04-02 20:03:54 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-04-02 20:03:54 ----A---- C:\Windows\system32\nlaapi.dll
2013-04-02 20:03:54 ----A---- C:\Windows\system32\netevent.dll
2013-04-02 20:03:54 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-04-02 20:03:50 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-04-02 20:03:50 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-04-02 20:03:49 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-04-02 20:03:49 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-04-02 20:03:49 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-04-02 20:03:49 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-04-02 20:03:45 ----A---- C:\Windows\system32\msxml6.dll
2013-04-02 20:03:45 ----A---- C:\Windows\system32\msxml3.dll
2013-04-02 20:03:44 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-04-02 20:03:44 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-04-02 20:03:41 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-04-02 20:03:41 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-04-02 20:03:41 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-04-02 20:03:41 ----A---- C:\Windows\system32\cryptsvc.dll
2013-04-02 20:03:41 ----A---- C:\Windows\system32\cryptnet.dll
2013-04-02 20:03:41 ----A---- C:\Windows\system32\crypt32.dll
2013-04-02 20:03:36 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-04-02 20:03:36 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-04-02 20:03:36 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-04-02 20:03:36 ----A---- C:\Windows\system32\win32spl.dll
2013-04-02 20:03:36 ----A---- C:\Windows\system32\usp10.dll
2013-04-02 20:03:36 ----A---- C:\Windows\system32\ncrypt.dll
2013-04-02 20:03:36 ----A---- C:\Windows\system32\dpnet.dll
2013-04-02 20:03:35 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-04-02 20:03:34 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-04-02 20:03:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-04-02 20:03:34 ----A---- C:\Windows\system32\taskhost.exe
2013-04-02 20:03:34 ----A---- C:\Windows\system32\synceng.dll
2013-04-02 20:03:34 ----A---- C:\Windows\system32\kerberos.dll
2013-04-02 20:03:34 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-03-27 18:55:14 ----D---- C:\ProgramData\DFX
======List of files/folders modified in the last 1 months======
2013-04-19 17:53:34 ----RD---- C:\Program Files
2013-04-19 17:50:22 ----D---- C:\Windows\System32
2013-04-19 17:50:22 ----D---- C:\Windows\inf
2013-04-19 17:50:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-19 17:46:28 ----HD---- C:\ProgramData
2013-04-19 17:46:28 ----D---- C:\Windows\Temp
2013-04-19 17:46:28 ----D---- C:\Windows\system32\drivers
2013-04-19 17:41:10 ----D---- C:\Windows\Prefetch
2013-04-19 17:39:18 ----D---- C:\ProgramData\NVIDIA
2013-04-19 17:35:58 ----D---- C:\Program Files (x86)\Common Files
2013-04-19 15:50:03 ----AD---- C:\Windows
2013-04-19 15:35:54 ----D---- C:\Windows\system32\config
2013-04-19 15:32:15 ----D---- C:\Users\karlos\AppData\Roaming\WTablet
2013-04-19 15:32:11 ----D---- C:\ProgramData\VMware
2013-04-18 22:23:43 ----D---- C:\Users\karlos\AppData\Roaming\TS3Client
2013-04-18 16:51:19 ----D---- C:\Windows\SysWOW64
2013-04-18 16:51:15 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-04-17 15:30:02 ----SHD---- C:\System Volume Information
2013-04-16 20:49:51 ----D---- C:\Users\karlos\AppData\Roaming\vlc
2013-04-15 16:22:04 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client
2013-04-13 23:01:40 ----D---- C:\Windows\system32\catroot2
2013-04-13 23:01:22 ----D---- C:\Windows\winsxs
2013-04-13 22:59:20 ----D---- C:\Windows\SYSWOW64\migration
2013-04-13 22:59:20 ----D---- C:\Windows\system32\migration
2013-04-13 22:59:20 ----D---- C:\Program Files\Internet Explorer
2013-04-13 22:59:20 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-13 22:59:18 ----D---- C:\Windows\system32\DriverStore
2013-04-13 22:52:20 ----A---- C:\Windows\system32\MRT.exe
2013-04-13 22:51:38 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-04-13 22:51:30 ----D---- C:\temp
2013-04-13 22:50:11 ----D---- C:\Program Files\NVIDIA Corporation
2013-04-13 22:50:08 ----D---- C:\Windows\system32\catroot
2013-04-12 22:37:54 ----D---- C:\Program Files (x86)\Hard Disk Sentinel
2013-04-05 17:29:46 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-04-04 06:47:08 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2013-04-03 12:54:20 ----SHD---- C:\Windows\Installer
2013-04-03 10:55:44 ----RSD---- C:\Windows\assembly
2013-04-03 10:55:44 ----D---- C:\Windows\Microsoft.NET
2013-04-03 10:54:23 ----D---- C:\Windows\rescache
2013-04-03 06:45:36 ----D---- C:\ProgramData\Origin
2013-04-03 06:45:12 ----D---- C:\Users\karlos\AppData\Roaming\Origin
2013-04-03 06:45:00 ----D---- C:\Program Files (x86)\Origin
2013-04-03 06:42:22 ----RD---- C:\Program Files (x86)
2013-04-03 06:40:55 ----D---- C:\Program Files\Microsoft Silverlight
2013-04-03 06:40:54 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-04-02 21:07:53 ----D---- C:\Windows\SYSWOW64\en-US
2013-04-02 21:07:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-04-02 21:07:52 ----D---- C:\Windows\system32\wbem
2013-04-02 21:07:52 ----D---- C:\Windows\system32\en-US
2013-04-02 21:07:52 ----D---- C:\Windows\system32\drivers\en-US
2013-04-02 21:07:52 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-04-02 21:07:52 ----D---- C:\Windows\system32\cs-CZ
2013-04-02 21:07:52 ----D---- C:\Windows\PolicyDefinitions
2013-04-02 21:07:52 ----D---- C:\Windows\AppPatch
2013-04-02 21:07:50 ----RSD---- C:\Windows\Fonts
2013-04-02 20:20:23 ----D---- C:\Windows\debug
2013-04-02 20:19:51 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-04-02 20:11:25 ----D---- C:\Program Files\Microsoft Security Client
2013-04-02 20:11:25 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-04-02 20:00:56 ----D---- C:\Windows\system32\Tasks
2013-04-02 12:34:28 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-03-22 557080]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2011-07-26 277088]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2010-12-18 25280]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2011-07-26 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2011-07-26 970336]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2012-07-06 85104]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2012-07-06 70256]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2010-12-08 122856]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2010-12-08 369640]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-09-21 313520]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2012-08-15 32920]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2012-08-15 20120]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\Windows\system32\DRIVERS\VMNetSrv.sys [2008-02-05 79416]
R3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2010-01-24 18216]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 12848]
S0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-06-14 513080]
S1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-24 13440]
S1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464]
S1 ckemiqak;ckemiqak; \??\C:\Windows\system32\drivers\ckemiqak.sys [2013-04-19 49872]
S1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2011-07-19 295272]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-08-01 314016]
S2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-08-01 52376]
S2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-08-01 43680]
S2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
S2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2012-08-15 45720]
S2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2012-08-15 30360]
S2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2012-08-15 67224]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared); C:\Windows\SysWOW64\drivers\vstor2-mntapi10-shared.sys [2011-07-12 33392]
S3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2011-07-26 285280]
S3 AthDfu;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-10-27 55336]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-27 279152]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ESLvnic1;ESLvnic Virtual Network 64 Bit; C:\Windows\system32\DRIVERS\ESLvnic.sys [2011-11-28 25528]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-03-26 12262336]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-23 2565736]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 PSMounter;Macrium Reflect Image Explorer Service; \??\C:\Windows\system32\drivers\psmounter.sys [2011-06-07 40600]
S3 PSVolAcc;PSVolAcc; C:\Windows\system32\drivers\PSVolAcc.sys [2011-06-07 13464]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RivaTuner64;RivaTuner64; \??\C:\Program Files (x86)\RivaTuner\RivaTuner64.sys [2011-08-16 19952]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 vmusb;VMware USB Client Driver; C:\Windows\System32\Drivers\vmusb.sys [2012-08-01 37680]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
S2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2010-12-17 1112664]
S2 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-07-26 3246040]
S2 AfterFLICS v3;AfterFLICS v3; C:\Program Files (x86)\AFLICS\AfterFLICS.exe [2011-04-15 135170]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
S2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-03 918144]
S2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2010-12-02 915584]
S2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 DCPFLICS;DCPFLICS; C:\Program Files (x86)\DCPFLICS\DCPFLICS.exe [2007-10-24 139268]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-03-22 13336]
S2 InputDirector;Input Director Service; C:\Program Files (x86)\Input Director\IDWinService.exe [2010-02-01 36864]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2010-08-12 133800]
S2 mi-raysat_3dsmax2011_64;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit; C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe [2010-03-10 86016]
S2 mi-raysat_3dsmax2013_64;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit; C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe [2011-09-15 86016]
S2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2010-12-07 66560]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-12-03 76888]
S2 ReflectService;Macrium Reflect Image Mounting Service; C:\Program Files\Macrium\Reflect\ReflectService.exe [2011-06-07 301720]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S2 TabletServiceWacom;TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [2010-03-08 6245744]
S2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2012-08-15 79872]
S2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2012-08-15 357016]
S2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-08-01 917656]
S2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2012-08-15 435864]
S2 VMwareHostd;VMware Workstation Server; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-08-15 15680000]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-04-16 1432400]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 IDVistaService;Input Director Vista Service; C:\Program Files (x86)\Input Director\IDVistaService.exe [2009-02-08 13824]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2012-03-06 3953632]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-08-03 529232]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by karlos at 2013-04-19 17:53:33
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 18 GB (9%) free of 200 GB
Total RAM: 8169 MB (88% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
/QuitInfo:0000000000000100;0000000000000168; /AddRef;
/QuitInfo:000000000000029C;00000000000002A0; /AddRef;
/QuitInfo:0000000000000278;00000000000002A8;
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\helppane.exe -Embedding
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
"C:\Windows\system32\cmd.exe"
\??\C:\Windows\system32\conhost.exe "18430835362043042995123102021027891912010292926-1917140978412934867570440631
msconfig
C:\Windows\system32\wbem\wmiprvse.exe
"E:\progs\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1465061781-2703766832-3891519350-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1465061781-2703766832-3891519350-1003UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-16 537576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-16 193512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000001-AB3B-4334-9DA2-EC6B2A02AFC6}]
FileServeManager - C:\Program Files (x86)\FileServe Manager\FileServeBHO.dll [2011-09-21 1257752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-16 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-10-27 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-16 157672]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-19 11613288]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-10-27 613536]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-10-27 379040]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-03-26 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-03-26 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-03-26 418840]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2010-12-17 391144]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]
"Zune Launcher"=C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]
"Windows Phone Device Manager"=C:\Windows\WPDeviceManager\WPDeviceManager.exe /Minimized []
"WD Quick View"=C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe [2011-12-15 4244888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Google Update"=C:\Users\karlos\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-04 136176]
"AdobeBridge"= []
"ctfmon.exe"=C:\PROGRA~3\rundll32.exe [2013-04-19 44544]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileServe Manager Task]
C:\Program Files (x86)\FileServe Manager\FSStarter.exe [2011-09-21 954648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-06-07 421776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2012-08-08 1353080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-12-17 5566176]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-03-22 284184]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-04-18 421888]
"vmware-tray.exe"=C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [2012-08-15 104088]
"WD Drive Unlocker"=C:\Program Files (x86)\Western Digital\WD Apps\WDDriveAutoUnlock.exe [2011-12-16 1687968]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-12-10 2254768]
C:\Users\karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
msconfig.lnk - C:\Windows\System32\rundll32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-03-26 385024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=3
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-04-19 17:53:34 ----D---- C:\Program Files\trend micro
2013-04-19 17:53:33 ----D---- C:\rsit
2013-04-19 17:46:28 ----A---- C:\Windows\system32\drivers\ckemiqak.sys
2013-04-19 17:40:37 ----A---- C:\Windows\system32\drivers\mvrvdclr.sys
2013-04-19 15:50:03 ----A---- C:\Windows\ntbtlog.txt
2013-04-19 15:38:38 ----A---- C:\ProgramData\lbtw.bat
2013-04-19 15:38:38 ----A---- C:\ProgramData\as98213.txt
2013-04-19 15:38:37 ----A---- C:\ProgramData\rundll32.exe
2013-04-13 22:49:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-04-13 22:49:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-04-13 22:49:20 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-13 22:49:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-13 22:49:19 ----A---- C:\Windows\SYSWOW64\url.dll
2013-04-13 22:49:19 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-04-13 22:49:19 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-13 22:49:19 ----A---- C:\Windows\system32\urlmon.dll
2013-04-13 22:49:19 ----A---- C:\Windows\system32\url.dll
2013-04-13 22:49:19 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-13 22:49:19 ----A---- C:\Windows\system32\ieui.dll
2013-04-13 22:49:18 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-13 22:49:18 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-13 22:49:18 ----A---- C:\Windows\system32\wininet.dll
2013-04-13 22:49:18 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-13 22:49:18 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-13 22:49:18 ----A---- C:\Windows\system32\jscript9.dll
2013-04-13 22:49:17 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-13 22:49:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-13 22:49:17 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-13 22:49:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-13 22:49:17 ----A---- C:\Windows\system32\vbscript.dll
2013-04-13 22:49:17 ----A---- C:\Windows\system32\jscript.dll
2013-04-13 22:49:17 ----A---- C:\Windows\system32\iertutil.dll
2013-04-13 22:49:16 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-13 22:49:15 ----A---- C:\Windows\system32\mshtml.dll
2013-04-13 22:49:14 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-13 22:49:14 ----A---- C:\Windows\system32\ieframe.dll
2013-04-13 22:44:34 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-04-13 22:44:34 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-04-13 22:44:34 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-04-13 22:44:34 ----A---- C:\Windows\system32\tsgqec.dll
2013-04-13 22:44:34 ----A---- C:\Windows\system32\mstscax.dll
2013-04-13 22:44:34 ----A---- C:\Windows\system32\aaclient.dll
2013-04-13 22:44:30 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-04-13 22:44:28 ----A---- C:\Windows\system32\win32k.sys
2013-04-13 22:44:26 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-04-13 22:44:03 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-04-13 22:44:03 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-13 22:44:02 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-04-13 22:44:02 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-04-13 22:44:02 ----A---- C:\Windows\system32\smss.exe
2013-04-13 22:44:02 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-03 12:54:20 ----D---- C:\Users\karlos\AppData\Roaming\Mozilla
2013-04-03 06:42:22 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-04-02 20:15:35 ----A---- C:\Windows\system32\Wdfres.dll
2013-04-02 20:15:35 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-04-02 20:15:35 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-04-02 20:10:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-04-02 20:10:01 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-04-02 20:10:01 ----A---- C:\Windows\system32\atmlib.dll
2013-04-02 20:10:01 ----A---- C:\Windows\system32\atmfd.dll
2013-04-02 20:09:30 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-04-02 20:09:30 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-04-02 20:09:29 ----A---- C:\Windows\system32\WUDFx.dll
2013-04-02 20:09:29 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-04-02 20:09:29 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-04-02 20:09:29 ----A---- C:\Windows\system32\WUDFHost.exe
2013-04-02 20:09:29 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-04-02 20:04:46 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-04-02 20:04:46 ----A---- C:\Windows\system32\tzres.dll
2013-04-02 20:04:38 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-04-02 20:04:38 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-04-02 20:04:38 ----A---- C:\Windows\system32\Wpc.dll
2013-04-02 20:04:38 ----A---- C:\Windows\system32\gameux.dll
2013-04-02 20:04:23 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-04-02 20:04:23 ----A---- C:\Windows\system32\wintrust.dll
2013-04-02 20:04:19 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-04-02 20:04:19 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-04-02 20:04:19 ----A---- C:\Windows\system32\KernelBase.dll
2013-04-02 20:04:19 ----A---- C:\Windows\system32\kernel32.dll
2013-04-02 20:04:19 ----A---- C:\Windows\system32\conhost.exe
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-04-02 20:04:18 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-04-02 20:04:18 ----A---- C:\Windows\system32\wow64win.dll
2013-04-02 20:04:18 ----A---- C:\Windows\system32\wow64cpu.dll
2013-04-02 20:04:18 ----A---- C:\Windows\system32\wow64.dll
2013-04-02 20:04:18 ----A---- C:\Windows\system32\ntvdm64.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-04-02 20:04:17 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-04-02 20:04:01 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-04-02 20:04:01 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-04-02 20:04:01 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-04-02 20:04:01 ----A---- C:\Windows\system32\winsrv.dll
2013-04-02 20:04:00 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-04-02 20:03:59 ----A---- C:\Windows\SYSWOW64\user.exe
2013-04-02 20:03:55 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-04-02 20:03:55 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-04-02 20:03:55 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-04-02 20:03:55 ----A---- C:\Windows\system32\nlasvc.dll
2013-04-02 20:03:55 ----A---- C:\Windows\system32\netcorehc.dll
2013-04-02 20:03:55 ----A---- C:\Windows\system32\ncsi.dll
2013-04-02 20:03:55 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-04-02 20:03:54 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-04-02 20:03:54 ----A---- C:\Windows\system32\nlaapi.dll
2013-04-02 20:03:54 ----A---- C:\Windows\system32\netevent.dll
2013-04-02 20:03:54 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-04-02 20:03:50 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-04-02 20:03:50 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-04-02 20:03:49 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-04-02 20:03:49 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-04-02 20:03:49 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-04-02 20:03:49 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-04-02 20:03:45 ----A---- C:\Windows\system32\msxml6.dll
2013-04-02 20:03:45 ----A---- C:\Windows\system32\msxml3.dll
2013-04-02 20:03:44 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-04-02 20:03:44 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-04-02 20:03:41 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-04-02 20:03:41 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-04-02 20:03:41 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-04-02 20:03:41 ----A---- C:\Windows\system32\cryptsvc.dll
2013-04-02 20:03:41 ----A---- C:\Windows\system32\cryptnet.dll
2013-04-02 20:03:41 ----A---- C:\Windows\system32\crypt32.dll
2013-04-02 20:03:36 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-04-02 20:03:36 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-04-02 20:03:36 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-04-02 20:03:36 ----A---- C:\Windows\system32\win32spl.dll
2013-04-02 20:03:36 ----A---- C:\Windows\system32\usp10.dll
2013-04-02 20:03:36 ----A---- C:\Windows\system32\ncrypt.dll
2013-04-02 20:03:36 ----A---- C:\Windows\system32\dpnet.dll
2013-04-02 20:03:35 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-04-02 20:03:34 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-04-02 20:03:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-04-02 20:03:34 ----A---- C:\Windows\system32\taskhost.exe
2013-04-02 20:03:34 ----A---- C:\Windows\system32\synceng.dll
2013-04-02 20:03:34 ----A---- C:\Windows\system32\kerberos.dll
2013-04-02 20:03:34 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-03-27 18:55:14 ----D---- C:\ProgramData\DFX
======List of files/folders modified in the last 1 months======
2013-04-19 17:53:34 ----RD---- C:\Program Files
2013-04-19 17:50:22 ----D---- C:\Windows\System32
2013-04-19 17:50:22 ----D---- C:\Windows\inf
2013-04-19 17:50:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-19 17:46:28 ----HD---- C:\ProgramData
2013-04-19 17:46:28 ----D---- C:\Windows\Temp
2013-04-19 17:46:28 ----D---- C:\Windows\system32\drivers
2013-04-19 17:41:10 ----D---- C:\Windows\Prefetch
2013-04-19 17:39:18 ----D---- C:\ProgramData\NVIDIA
2013-04-19 17:35:58 ----D---- C:\Program Files (x86)\Common Files
2013-04-19 15:50:03 ----AD---- C:\Windows
2013-04-19 15:35:54 ----D---- C:\Windows\system32\config
2013-04-19 15:32:15 ----D---- C:\Users\karlos\AppData\Roaming\WTablet
2013-04-19 15:32:11 ----D---- C:\ProgramData\VMware
2013-04-18 22:23:43 ----D---- C:\Users\karlos\AppData\Roaming\TS3Client
2013-04-18 16:51:19 ----D---- C:\Windows\SysWOW64
2013-04-18 16:51:15 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-04-17 15:30:02 ----SHD---- C:\System Volume Information
2013-04-16 20:49:51 ----D---- C:\Users\karlos\AppData\Roaming\vlc
2013-04-15 16:22:04 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client
2013-04-13 23:01:40 ----D---- C:\Windows\system32\catroot2
2013-04-13 23:01:22 ----D---- C:\Windows\winsxs
2013-04-13 22:59:20 ----D---- C:\Windows\SYSWOW64\migration
2013-04-13 22:59:20 ----D---- C:\Windows\system32\migration
2013-04-13 22:59:20 ----D---- C:\Program Files\Internet Explorer
2013-04-13 22:59:20 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-13 22:59:18 ----D---- C:\Windows\system32\DriverStore
2013-04-13 22:52:20 ----A---- C:\Windows\system32\MRT.exe
2013-04-13 22:51:38 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-04-13 22:51:30 ----D---- C:\temp
2013-04-13 22:50:11 ----D---- C:\Program Files\NVIDIA Corporation
2013-04-13 22:50:08 ----D---- C:\Windows\system32\catroot
2013-04-12 22:37:54 ----D---- C:\Program Files (x86)\Hard Disk Sentinel
2013-04-05 17:29:46 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-04-04 06:47:08 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2013-04-03 12:54:20 ----SHD---- C:\Windows\Installer
2013-04-03 10:55:44 ----RSD---- C:\Windows\assembly
2013-04-03 10:55:44 ----D---- C:\Windows\Microsoft.NET
2013-04-03 10:54:23 ----D---- C:\Windows\rescache
2013-04-03 06:45:36 ----D---- C:\ProgramData\Origin
2013-04-03 06:45:12 ----D---- C:\Users\karlos\AppData\Roaming\Origin
2013-04-03 06:45:00 ----D---- C:\Program Files (x86)\Origin
2013-04-03 06:42:22 ----RD---- C:\Program Files (x86)
2013-04-03 06:40:55 ----D---- C:\Program Files\Microsoft Silverlight
2013-04-03 06:40:54 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-04-02 21:07:53 ----D---- C:\Windows\SYSWOW64\en-US
2013-04-02 21:07:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-04-02 21:07:52 ----D---- C:\Windows\system32\wbem
2013-04-02 21:07:52 ----D---- C:\Windows\system32\en-US
2013-04-02 21:07:52 ----D---- C:\Windows\system32\drivers\en-US
2013-04-02 21:07:52 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-04-02 21:07:52 ----D---- C:\Windows\system32\cs-CZ
2013-04-02 21:07:52 ----D---- C:\Windows\PolicyDefinitions
2013-04-02 21:07:52 ----D---- C:\Windows\AppPatch
2013-04-02 21:07:50 ----RSD---- C:\Windows\Fonts
2013-04-02 20:20:23 ----D---- C:\Windows\debug
2013-04-02 20:19:51 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-04-02 20:11:25 ----D---- C:\Program Files\Microsoft Security Client
2013-04-02 20:11:25 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-04-02 20:00:56 ----D---- C:\Windows\system32\Tasks
2013-04-02 12:34:28 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-03-22 557080]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2011-07-26 277088]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2010-12-18 25280]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2011-07-26 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2011-07-26 970336]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2012-07-06 85104]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2012-07-06 70256]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2010-12-08 122856]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2010-12-08 369640]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-09-21 313520]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2012-08-15 32920]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2012-08-15 20120]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\Windows\system32\DRIVERS\VMNetSrv.sys [2008-02-05 79416]
R3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2010-01-24 18216]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 12848]
S0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-06-14 513080]
S1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-24 13440]
S1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464]
S1 ckemiqak;ckemiqak; \??\C:\Windows\system32\drivers\ckemiqak.sys [2013-04-19 49872]
S1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2011-07-19 295272]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-08-01 314016]
S2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-08-01 52376]
S2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-08-01 43680]
S2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
S2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2012-08-15 45720]
S2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2012-08-15 30360]
S2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2012-08-15 67224]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared); C:\Windows\SysWOW64\drivers\vstor2-mntapi10-shared.sys [2011-07-12 33392]
S3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2011-07-26 285280]
S3 AthDfu;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-10-27 55336]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-27 279152]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ESLvnic1;ESLvnic Virtual Network 64 Bit; C:\Windows\system32\DRIVERS\ESLvnic.sys [2011-11-28 25528]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-03-26 12262336]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-23 2565736]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 PSMounter;Macrium Reflect Image Explorer Service; \??\C:\Windows\system32\drivers\psmounter.sys [2011-06-07 40600]
S3 PSVolAcc;PSVolAcc; C:\Windows\system32\drivers\PSVolAcc.sys [2011-06-07 13464]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RivaTuner64;RivaTuner64; \??\C:\Program Files (x86)\RivaTuner\RivaTuner64.sys [2011-08-16 19952]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 vmusb;VMware USB Client Driver; C:\Windows\System32\Drivers\vmusb.sys [2012-08-01 37680]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
S2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2010-12-17 1112664]
S2 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-07-26 3246040]
S2 AfterFLICS v3;AfterFLICS v3; C:\Program Files (x86)\AFLICS\AfterFLICS.exe [2011-04-15 135170]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
S2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-03 918144]
S2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2010-12-02 915584]
S2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 DCPFLICS;DCPFLICS; C:\Program Files (x86)\DCPFLICS\DCPFLICS.exe [2007-10-24 139268]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-03-22 13336]
S2 InputDirector;Input Director Service; C:\Program Files (x86)\Input Director\IDWinService.exe [2010-02-01 36864]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2010-08-12 133800]
S2 mi-raysat_3dsmax2011_64;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit; C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe [2010-03-10 86016]
S2 mi-raysat_3dsmax2013_64;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit; C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe [2011-09-15 86016]
S2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2010-12-07 66560]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-12-03 76888]
S2 ReflectService;Macrium Reflect Image Mounting Service; C:\Program Files\Macrium\Reflect\ReflectService.exe [2011-06-07 301720]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S2 TabletServiceWacom;TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [2010-03-08 6245744]
S2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2012-08-15 79872]
S2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2012-08-15 357016]
S2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-08-01 917656]
S2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2012-08-15 435864]
S2 VMwareHostd;VMware Workstation Server; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-08-15 15680000]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-04-16 1432400]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 IDVistaService;Input Director Vista Service; C:\Program Files (x86)\Input Director\IDVistaService.exe [2009-02-08 13824]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2012-03-06 3953632]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-08-03 529232]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
-----------------EOF-----------------
Re: Police of the Czech Republic. Your computer is blocked!



Re: Police of the Czech Republic. Your computer is blocked!
I do not doubt that in any way. Of course, a legal system goes without saying for me!
Re: Police of the Czech Republic. Your computer is blocked!


- Launch Notepad (Start - Run - notepad)
- Copy the script below
Code:
KillAll::

File::
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1465061781-2703766832-3891519350-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1465061781-2703766832-3891519350-1003UA.job

Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Zune Launcher"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"Google Update"=-
"AdobeBridge"=-
"ctfmon.exe"=-
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileServe Manager Task]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS5.5ServiceManager"=-
"AdobeCS5ServiceManager"=-
"QuickTime Task"=-
"vmware-tray.exe"=-
"LogMeIn Hamachi Ui"=-

Collect::
C:\Users\karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\msconfig.lnk
C:\Windows\system32\drivers\ckemiqak.sys
C:\Windows\system32\drivers\mvrvdclr.sys
C:\Windows\ntbtlog.txt
C:\ProgramData\lbtw.bat
C:\ProgramData\as98213.txt
C:\ProgramData\rundll32.exe

Folder::
c:\program files (x86)\Enigma Software Group

DDS::
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com

Driver::
ckemiqak
esgiguard
EsgScanner

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]

ClearJavaCache::

Reboot::
- Save the created TXT file as CFScript.txt
- Drag the created CFScript.txt over ComboFix and drop it to run (see the picture below)
- After the script has been applied (and a possible restart), a log will pop up; paste its contents here

